The mergeable does not merge the branch under Branch protection rule

[munkherdeneen]

My on-prem Merge bot does not merge the PR into the base branch where it's protected by the GitHub branch protection rule. Is there any way to merge the PR into the protected branch?

My mergeable config here:

version: 2
mergeable:

• when: schedule.repository
  validate:

  • do: stale
    days: 10
    type: pull_request, issues
    pass:
  • do: comment
    payload:
    body: >
    This is old PR!

• when: pull_request.opened
  name: 'Greet a contributor'
  validate: []
  pass:

  • do: request_review
    teams: ['team1', 'team2']
  • do: assign
    assignees: ['@author']
  • do: comment
    payload:
    body: >
    Thanks for creating a pull request! The team will be reviewing your changes shortly. Please respond promptly to any feedback or change requests.

• when: pull_request., pull_request_review., status., check_suite.
  name: 'Set a label as bot-Ready-for-Merge once all approvals given'
  validate:

  • do: title
    must_exclude:
    regex: 'wip|work in progress|DO NOT MERGE'
  • do: milestone
    must_include:
    regex: 'Merge List'
  • do: approvals
    min:
    count: 1
    limit:
    teams: ['team1']
  • do: or
    validate:
    • do: label
      must_include:
      regex: 'NoEmbeddedQA'
    • do: approvals
      min:
      count: 1
      limit:
      teams: ['team2']
  • do: or
    validate:
    • do: label
      must_exclude:
      regex: 'Release'
    • do: approvals
      min:
      count: 1
      limit:
      teams: ['team3']
      pass:
  • do: merge
    merge_method: 'squash'
  • do: checks
    status: 'success'

and my GitHub branch protection rule here:

After all the check passes but the PR is still standing without any merge action.

But, when I disable the branch protection rule it merges fine. But I need protection rule is mandatory.

Is there anything wrong with my mergeable config? How can I accept the merge bot to merge the PRs under the protection rule is active?

[shine2lay]

@munkherdeneen Try looking at the log, see what the error message for the merge is, it could be possible that this is solved by giving the bot the appropriate permission. I am not quite sure tbh.

[munkherdeneen]

@munkherdeneen Try looking at the log, and see what the error message for the merge is, it could be possible that this is solved by giving the bot the appropriate permission. I am not quite sure tbh.

Thank you for the reply @shine2lay. As you suggested I played with branch protection rules and was able to merge PR by a bot with the following additional permission (since we cannot add the GitHub app on this config only a team or person is allowed).

But, I am facing with another issue after that. Here is what happens:

1. After all approvals are given and then I make a new commit in the branch.
2. Then it will dismiss all the approvals again due to the branch protection rule.
3. So, it will dismiss merger bot validation as well. But at that time merge bot is just merging the PR even while validations are failed.

How can I prevent being merged after all approvals are dismissed with a new commit happens? Could you suggest it here?

After I reviewed the #395 issue and I followed this issue guidance and made a change as follows:

version: 2
mergeable:

• when: schedule.repository
  validate:

  • do: stale
    days: 10
    type: pull_request, issues
    pass:
  • do: comment
    payload:
    body: >
    This is old PR!

• when: pull_request.opened
  name: 'Greet a contributor'
  validate: []
  pass:

  • do: request_review
    teams: ['team1', 'team2']
  • do: assign
    assignees: ['@author']
  • do: comment
    payload:
    body: >
    Thanks for creating a pull request! The team will be reviewing your changes shortly. Please respond promptly to any feedback or change requests.

• when: pull_request., pull_request_review., status., check_suite.
  name: 'Set a label as bot-Ready-for-Merge once all approvals given'
  validate:

  • do: title
    must_exclude:
    regex: 'wip|work in progress|DO NOT MERGE'
  • do: milestone
    must_include:
    regex: 'Merge List'
  • do: approvals
    min:
    count: 1
    limit:
    teams: ['team1']
  • do: or
    validate:
    • do: label
      must_include:
      regex: 'NoEmbeddedQA'
    • do: approvals
      min:
      count: 1
      limit:
      teams: ['team2']
  • do: or
    validate:
    • do: label
      must_exclude:
      regex: 'Release'
    • do: approvals
      min:
      count: 1
      limit:
      teams: ['team3']
      pass:
  • do: checks
    status: 'success'

• when: pull_request., status., check_suite.*
  name: 'All checks pass'
  validate: []
  pass:

  • do: merge
    merge_method: 'squash'

[shine2lay]

@munkherdeneen I think you can make mergeable a required check, so when mergeable is not passing, the bot can't merge it

[munkherdeneen]

@munkherdeneen I think you can make mergeable a required check, so when mergeable is not passing, the bot can't merge it

@shine2lay, I have tried with the following mergeable config but the bot still does not work well. Could you replicate the issue and try once? The case is here:

1. The PR opens.
2. Get all required approvals while the long-standing pipeline runs.
3. While the pipeline runs we have a change on the main branch and it makes conflicts with the PR branch.
4. Then the pipeline finishes and is ready to merge. I mean all set.
5. But there is a conflict and it blocks our merge.
6. Then fix the conflict between the main and PR branch with git push.
7. Then it merges the PR immediately without checking other conditions. After the fix commit it dismisses all the approvals with the branch protection rule.

So, I think the potential problem is merging the bot takes action before the bot changes the PR label (it must break bot conditions).

How can I tackle this issue? Could you please help with it?

The mergeable config is here:

version: 2
mergeable:

• when: schedule.repository
  validate:

  • do: stale
    days: 10
    type: pull_request, issues
    pass:
  • do: comment
    payload:
    body: >
    This is old?

• when: pull_request.opened
  name: 'Greet a contributor'
  validate: []
  pass:

  • do: request_review
    teams: ['team1', 'team2']
  • do: assign
    assignees: ['@author']
  • do: comment
    payload:
    body: >
    Thanks for creating a pull request! The team will be reviewing your changes shortly. Please respond promptly to any feedback or change requests.
  • do: labels
    add: ['bot-pipeline-running']
    delete: ['bot-pipeline-succeed', 'bot-pipeline-failed', 'bot-ready-for-merge']

• when: pull_request.synchronize
  name: 'Label as bot-pipeline-running for refreshing the PR'
  validate: []
  pass:

  • do: labels
    add: ['bot-pipeline-running']
    delete: ['bot-pipeline-succeed', 'bot-pipeline-failed']
  • do: request_review
    teams: ['team1', 'team2']

• when: pull_request., pull_request_review., status., check_suite.
  name: 'Set a label as bot-Ready-for-Merge once all approvals given'
  validate:

  • do: title
    must_exclude:
    regex: 'wip|work in progress|DO NOT MERGE'
  • do: label
    must_include:
    regex: 'bot-pipeline-succeed'
    must_exclude:
    regex: 'wontfix|bot-pipeline-failed|bot-pipeline-running|DO NOT MERGE|work in progress'
  • do: approvals
    min:
    count: 1
    limit:
    teams: ['team1']
  • do: or
    validate:
    • do: label
      must_include:
      regex: 'NoEmbeddedQA'
    • do: approvals
      min:
      count: 1
      limit:
      teams: ['team2']
  • do: or
    validate:
    • do: label
      must_exclude:
      regex: 'Release'
    • do: approvals
      min:
      count: 1
      limit:
      teams: ['team3']
      pass:
  • do: labels
    add: 'bot-ready-for-merge'
  • do: checks
    status: 'success'

• when: pull_request., pull_request_review., status., check_suite.
  name: 'Merge pull requests once it passes all checks'
  validate:

  • do: label
    must_include:
    regex: ['bot-pipeline-succeed']
  • do: label
    must_include:
    regex: ['bot-ready-for-merge']
  • do: milestone
    must_include:
    regex: 'Bot Merge List'
    pass:
  • do: checks
    status: 'success'
  • do: merge
    merge_method: 'squash'

Screenshot of PR itself:

Also, I tried with the following config but it's still the same issue occurs.

version: 2
mergeable:

• when: pull_request.opened
  name: 'Greet a contributor'
  validate: []
  pass:

  • do: request_review
    teams: ['team1', 'team2']
  • do: assign
    assignees: ['@author']
  • do: comment
    payload:
    body: >
    Thanks for creating a pull request! The team will be reviewing your changes shortly. Please respond promptly to any feedback or change requests.
  • do: labels
    add: ['bot-pipeline-running']
    delete: ['bot-pipeline-succeed', 'bot-pipeline-failed', 'bot-ready-for-merge']

• when: pull_request.synchronize
  name: 'Label as bot-pipeline-running for refreshing the PR'
  validate: []
  pass:

  • do: labels
    add: ['bot-pipeline-running']
    delete: ['bot-pipeline-succeed', 'bot-pipeline-failed']

• do: request_review
  teams: ['team1', 'team2']

• when: pull_request., pull_request_review., status., check_suite.
  name: 'Set a label as bot-Ready-for-Merge once all approvals given'
  validate:

  • do: title
    must_exclude:
    regex: 'wip|work in progress|DO NOT MERGE'
  • do: label
    must_include:
    regex: 'bot-pipeline-succeed'
    must_exclude:
    regex: 'wontfix|bot-pipeline-failed|bot-pipeline-running|DO NOT MERGE|work in progress'
  • do: approvals
    min:
    count: 1
    limit:
    teams: ['team1']
  • do: or
    validate:
    • do: label
      must_include:
      regex: 'NoEmbeddedQA'
    • do: approvals
      min:
      count: 1
      limit:
      teams: ['team2']
  • do: or
    validate:
    • do: label
      must_exclude:
      regex: 'Release'
    • do: approvals
      min:
      count: 1
      limit:
      teams: ['team3']
      pass:
  • do: labels
    add: 'bot-ready-for-merge'
  • do: checks
    status: 'success'

• when: pull_request., pull_request_review., status., check_suite.
  name: 'Merge pull requests once it passes all checks'
  validate:
  - do: label
  must_include:
  regex: ['bot-pipeline-succeed']
  - do: label
  must_include:
  regex: ['bot-ready-for-merge']
  - do: milestone
  must_include:
  regex: 'Bot Merge List'
  pass:
  - do: checks
  status: 'success'

  • when: pull_request., pull_request_review., status., check_suite.
    name: 'All checks pass'
    validate: []
    pass:
    • do: checks
      status: 'success'
      payload:
      title: 'Mergeable Run have been Completed!'
      summary: "All the validators have returned 'pass'! \n Here are some stats of the run: \n {{validationCount}} validations were ran"
    • do: merge
      merge_method: 'squash'

[munkherdeneen]

@munkherdeneen I think you can make mergeable a required check, so when mergeable is not passing, the bot can't merge it

@shine2lay, I have tried with the following mergeable config but the bot still does not work well. Could you replicate the issue and try once? The case is here:

1. The PR opens.
2. Get all required approvals while the long-standing pipeline runs.
3. While the pipeline runs we have a change on the main branch and it makes conflicts with the PR branch.
4. Then the pipeline finishes and is ready to merge. I mean all set.
5. But there is a conflict and it blocks our merge.
6. Then fix the conflict between the main and PR branch with git push.
7. Then it merges the PR immediately without checking other conditions. After the fix commit it dismisses all the approvals with the branch protection rule.

So, I think the potential problem is merging the bot takes action before the bot changes the PR label (it must break bot conditions).

How can I tackle this issue? Could you please help with it?

The mergeable config is here:

version: 2 mergeable:

• when: schedule.repository
  validate:

  • do: stale
    days: 10
    type: pull_request, issues
    pass:
  • do: comment
    payload:
    body: >
    This is old?

• when: pull_request.opened
  name: 'Greet a contributor'
  validate: []
  pass:

  • do: request_review
    teams: ['team1', 'team2']
  • do: assign
    assignees: ['@author']
  • do: comment
    payload:
    body: >
    Thanks for creating a pull request! The team will be reviewing your changes shortly. Please respond promptly to any feedback or change requests.
  • do: labels
    add: ['bot-pipeline-running']
    delete: ['bot-pipeline-succeed', 'bot-pipeline-failed', 'bot-ready-for-merge']

• when: pull_request.synchronize
  name: 'Label as bot-pipeline-running for refreshing the PR'
  validate: []
  pass:

  • do: labels
    add: ['bot-pipeline-running']
    delete: ['bot-pipeline-succeed', 'bot-pipeline-failed']
  • do: request_review
    teams: ['team1', 'team2']

• when: pull_request., pull_request_review., status., check_suite.
  name: 'Set a label as bot-Ready-for-Merge once all approvals given'
  validate:

  • do: title
    must_exclude:
    regex: 'wip|work in progress|DO NOT MERGE'

  • do: label
    must_include:
    regex: 'bot-pipeline-succeed'
    must_exclude:
    regex: 'wontfix|bot-pipeline-failed|bot-pipeline-running|DO NOT MERGE|work in progress'

  • do: approvals
    min:
    count: 1
    limit:
    teams: ['team1']

  • do: or
    validate:

    • do: label
      must_include:
      regex: 'NoEmbeddedQA'
    • do: approvals
      min:
      count: 1
      limit:
      teams: ['team2']

  • do: or
    validate:

    • do: label
      must_exclude:
      regex: 'Release'
    • do: approvals
      min:
      count: 1
      limit:
      teams: ['team3']
      pass:

  • do: labels
    add: 'bot-ready-for-merge'

  • do: checks
    status: 'success'

• when: pull_request., pull_request_review., status., check_suite.
  name: 'Merge pull requests once it passes all checks'
  validate:

  • do: label
    must_include:
    regex: ['bot-pipeline-succeed']
  • do: label
    must_include:
    regex: ['bot-ready-for-merge']
  • do: milestone
    must_include:
    regex: 'Bot Merge List'
    pass:
  • do: checks
    status: 'success'
  • do: merge
    merge_method: 'squash'

Screenshot of PR itself:

Also, I tried with the following config but it's still the same issue occurs.

version: 2 mergeable:

• when: pull_request.opened
  name: 'Greet a contributor'
  validate: []
  pass:

  • do: request_review
    teams: ['team1', 'team2']
  • do: assign
    assignees: ['@author']
  • do: comment
    payload:
    body: >
    Thanks for creating a pull request! The team will be reviewing your changes shortly. Please respond promptly to any feedback or change requests.
  • do: labels
    add: ['bot-pipeline-running']
    delete: ['bot-pipeline-succeed', 'bot-pipeline-failed', 'bot-ready-for-merge']

• when: pull_request.synchronize
  name: 'Label as bot-pipeline-running for refreshing the PR'
  validate: []
  pass:

  • do: labels
    add: ['bot-pipeline-running']
    delete: ['bot-pipeline-succeed', 'bot-pipeline-failed']

• do: request_review
  teams: ['team1', 'team2']

• when: pull_request., pull_request_review., status., check_suite.
  name: 'Set a label as bot-Ready-for-Merge once all approvals given'
  validate:

  • do: title
    must_exclude:
    regex: 'wip|work in progress|DO NOT MERGE'

  • do: label
    must_include:
    regex: 'bot-pipeline-succeed'
    must_exclude:
    regex: 'wontfix|bot-pipeline-failed|bot-pipeline-running|DO NOT MERGE|work in progress'

  • do: approvals
    min:
    count: 1
    limit:
    teams: ['team1']

  • do: or
    validate:

    • do: label
      must_include:
      regex: 'NoEmbeddedQA'
    • do: approvals
      min:
      count: 1
      limit:
      teams: ['team2']

  • do: or
    validate:

    • do: label
      must_exclude:
      regex: 'Release'
    • do: approvals
      min:
      count: 1
      limit:
      teams: ['team3']
      pass:

  • do: labels
    add: 'bot-ready-for-merge'

  • do: checks
    status: 'success'

• when: pull_request., pull_request_review., status., check_suite.
  name: 'Merge pull requests once it passes all checks'
  validate:

  • do: label
    must_include:
    regex: ['bot-pipeline-succeed']
  • do: label
    must_include:
    regex: ['bot-ready-for-merge']
  • do: milestone
    must_include:
    regex: 'Bot Merge List'
    pass:
  • do: checks
    status: 'success'

  • when: pull_request., pull_request_review., status., check_suite.
    name: 'All checks pass'
    validate: []
    pass:

    • do: checks
      status: 'success'
      payload:
      title: 'Mergeable Run have been Completed!'
      summary: "All the validators have returned 'pass'! \n Here are some stats of the run: \n {{validationCount}} validations were ran"
    • do: merge
      merge_method: 'squash'

@shine2lay could you replicate the issue. Because I still have not resolved my issue on merge function? Thank you.

[munkherdeneen]

@munkherdeneen I think you can make mergeable a required check, so when mergeable is not passing, the bot can't merge it

@shine2lay, I have tried with the following mergeable config but the bot still does not work well. Could you replicate the issue and try once? The case is here:

1. The PR opens.
2. Get all required approvals while the long-standing pipeline runs.
3. While the pipeline runs we have a change on the main branch and it makes conflicts with the PR branch.
4. Then the pipeline finishes and is ready to merge. I mean all set.
5. But there is a conflict and it blocks our merge.
6. Then fix the conflict between the main and PR branch with git push.
7. Then it merges the PR immediately without checking other conditions. After the fix commit it dismisses all the approvals with the branch protection rule.

So, I think the potential problem is merging the bot takes action before the bot changes the PR label (it must break bot conditions).

How can I tackle this issue? Could you please help with it?

The mergeable config is here:

version: 2 mergeable:

• when: schedule.repository
  validate:

  • do: stale
    days: 10
    type: pull_request, issues
    pass:
  • do: comment
    payload:
    body: >
    This is old?

• when: pull_request.opened
  name: 'Greet a contributor'
  validate: []
  pass:

  • do: request_review
    teams: ['team1', 'team2']
  • do: assign
    assignees: ['@author']
  • do: comment
    payload:
    body: >
    Thanks for creating a pull request! The team will be reviewing your changes shortly. Please respond promptly to any feedback or change requests.
  • do: labels
    add: ['bot-pipeline-running']
    delete: ['bot-pipeline-succeed', 'bot-pipeline-failed', 'bot-ready-for-merge']

• when: pull_request.synchronize
  name: 'Label as bot-pipeline-running for refreshing the PR'
  validate: []
  pass:

  • do: labels
    add: ['bot-pipeline-running']
    delete: ['bot-pipeline-succeed', 'bot-pipeline-failed']
  • do: request_review
    teams: ['team1', 'team2']

• when: pull_request., pull_request_review., status., check_suite.
  name: 'Set a label as bot-Ready-for-Merge once all approvals given'
  validate:

  • do: title
    must_exclude:
    regex: 'wip|work in progress|DO NOT MERGE'

  • do: label
    must_include:
    regex: 'bot-pipeline-succeed'
    must_exclude:
    regex: 'wontfix|bot-pipeline-failed|bot-pipeline-running|DO NOT MERGE|work in progress'

  • do: approvals
    min:
    count: 1
    limit:
    teams: ['team1']

  • do: or
    validate:

    • do: label
      must_include:
      regex: 'NoEmbeddedQA'
    • do: approvals
      min:
      count: 1
      limit:
      teams: ['team2']

  • do: or
    validate:

    • do: label
      must_exclude:
      regex: 'Release'
    • do: approvals
      min:
      count: 1
      limit:
      teams: ['team3']
      pass:

  • do: labels
    add: 'bot-ready-for-merge'

  • do: checks
    status: 'success'

• when: pull_request., pull_request_review., status., check_suite.
  name: 'Merge pull requests once it passes all checks'
  validate:

  • do: label
    must_include:
    regex: ['bot-pipeline-succeed']
  • do: label
    must_include:
    regex: ['bot-ready-for-merge']
  • do: milestone
    must_include:
    regex: 'Bot Merge List'
    pass:
  • do: checks
    status: 'success'
  • do: merge
    merge_method: 'squash'

Screenshot of PR itself:

Also, I tried with the following config but it's still the same issue occurs.

version: 2 mergeable:

• when: pull_request.opened
  name: 'Greet a contributor'
  validate: []
  pass:

  • do: request_review
    teams: ['team1', 'team2']
  • do: assign
    assignees: ['@author']
  • do: comment
    payload:
    body: >
    Thanks for creating a pull request! The team will be reviewing your changes shortly. Please respond promptly to any feedback or change requests.
  • do: labels
    add: ['bot-pipeline-running']
    delete: ['bot-pipeline-succeed', 'bot-pipeline-failed', 'bot-ready-for-merge']

• when: pull_request.synchronize
  name: 'Label as bot-pipeline-running for refreshing the PR'
  validate: []
  pass:

  • do: labels
    add: ['bot-pipeline-running']
    delete: ['bot-pipeline-succeed', 'bot-pipeline-failed']

• do: request_review
  teams: ['team1', 'team2']

• when: pull_request., pull_request_review., status., check_suite.
  name: 'Set a label as bot-Ready-for-Merge once all approvals given'
  validate:

  • do: title
    must_exclude:
    regex: 'wip|work in progress|DO NOT MERGE'

  • do: label
    must_include:
    regex: 'bot-pipeline-succeed'
    must_exclude:
    regex: 'wontfix|bot-pipeline-failed|bot-pipeline-running|DO NOT MERGE|work in progress'

  • do: approvals
    min:
    count: 1
    limit:
    teams: ['team1']

  • do: or
    validate:

    • do: label
      must_include:
      regex: 'NoEmbeddedQA'
    • do: approvals
      min:
      count: 1
      limit:
      teams: ['team2']

  • do: or
    validate:

    • do: label
      must_exclude:
      regex: 'Release'
    • do: approvals
      min:
      count: 1
      limit:
      teams: ['team3']
      pass:

  • do: labels
    add: 'bot-ready-for-merge'

  • do: checks
    status: 'success'

• when: pull_request., pull_request_review., status., check_suite.
  name: 'Merge pull requests once it passes all checks'
  validate:

  • do: label
    must_include:
    regex: ['bot-pipeline-succeed']
  • do: label
    must_include:
    regex: ['bot-ready-for-merge']
  • do: milestone
    must_include:
    regex: 'Bot Merge List'
    pass:
  • do: checks
    status: 'success'

  • when: pull_request., pull_request_review., status., check_suite.
    name: 'All checks pass'
    validate: []
    pass:

    • do: checks
      status: 'success'
      payload:
      title: 'Mergeable Run have been Completed!'
      summary: "All the validators have returned 'pass'! \n Here are some stats of the run: \n {{validationCount}} validations were ran"
    • do: merge
      merge_method: 'squash'

@shine2lay could you replicate the issue. Because I still have not resolved my issue on merge function? Thank you.

[abid-mujtaba]

I have had success with setting the mergeable app as an entry in "Restrict who can push to matching branches".